Master Architect / Security Consultant

ZTI Solutions, LLC - Fairfax, VA

Full-time$170,000 - $180,000 a year
EducationSkills

Job Description – Master Architect / Security Consultant

Summary

Provide senior level security and networking support related to the maintenance, upgrade, and technology insertion for a DoD-accredited unclassified network. Specifically, architect, document, and implement network architecture changes to the infrastructure in compliance with DoD guidelines to smooth the transition of newly-developed applications from development environments to production.

Master Architect / Security Consultant Activities

  • Learn and understand the infrastructure to include security device configurations and Zone guidelines as outlined in DISA’s Enclave Test and Development STIG.
  • Obtain logins to all networking and security devices to be able to configure and troubleshoot architectural issues as necessary (Cisco routers, Cisco switches, Nessus scanner, Metasploit Pro scanner, Tipping Point IPS, Niksun session monitor, Lancope session monitor, HBSS, Gigamon traffic duplicator, BlueCoat Decryptor)
  • Design architectural changes to the infrastructure in close coordination with application developers, network/security engineers, government representatives, accreditation officials, and other stakeholders
  • Assist in the following activities in order to introduce new systems or applications into the infrastructure:
  • Coordinate engineering discussions with application developers to determine the best architecture to support the deployment of the new application on the infrastructure which complies with DoD guidelines related to production and Zone DoD guidelines.
  • Assist in developing CONOPs for the operation of the new system on production network
  • Document the detailed architecture, assigning IP addresses, subnets, and traffic flows as necessary in order to communicate the system details for the Authorizing Official
  • Create change requests as required in order to deploy the new system components on the development and production networks
  • Build infrastructure to support the new system on development and production environments (configure firewalls, switches, routers, etc.)
  • Coordinate with the appropriate team members to determine the applicable STIGs for the new system – and deliver the STIG lists to the system developers
  • Assist with performing Risk Assessment scans of new systems using scanning software (Nessus scanner, Metasploit Pro, Burp Suite)
  • Discuss system details with the Authorizing Official’s (AO’s) representatives, specifically detailing potential risks introduced by any new applications along with associated mitigations
  • When required, assist in troubleshooting networking and performance issues with the infrastructure (routing issues, firewall rule issues, throughput issues)
  • Upgrade/update enterprise networking and security devices to remain compliant with DoD guidelines
  • Investigate, recommend, and deploy technologies that could help secure the infrastructure or automate IA processes
  • Assist in eliminating POAMs in the infrastructure in coordination with team members

Communication and Initiative

  • Attend weekly ops meeting and discuss your area of responsibility (Network/Security Architecture)
  • Record common fixes and detailed technical processes in the team’s “Lessons Learned” file
  • Take initiative to talk to team members daily to coordinate team efforts to ensure high priority tasks are accomplished
  • Take initiative to observe IA processes and procedures and make recommended improvements
  • Take initiative to recommend technology improvements to the overall architecture

Job Type: Full-time

Salary: $170,000.00 to $180,000.00 /year

Experience:

  • IT: 10 years (Required)
  • Cisco Routers: 5 years (Required)
  • Firewalls: 5 years (Required)
  • Security: 10 years (Required)
  • IT Networking: 5 years (Required)

Education:

  • High school or equivalent (Preferred)

Work authorization:

  • United States (Required)